Vulnerability Predictions

The Vulnerability Predictive Analytics Engine provides users with vulnerability predictions and analyzes whether systems are vulnerable to attacks without the need to perform new scans (you must have scanned hosts using authentication at least once). Go to KnowledgeBase > Predictions to see the vulnerabilities that can be predicted and how many of your hosts are considered at risk.

How it works - We compare vulnerability details to your latest scan results, specifically we look at a host's operating system, software installed, and software version installed. Then we assign a confidence level to each vulnerability prediction (you'll see this when you run a Threat Analysis Report).


You must run authenticated scans with QID 45141 and QID 90235 on your hosts at least once - predictions will not appear until you do. Tip - These QIDs are automatically included when "Complete" vulnerability detection is selected in your option profile. When running a custom vulnerability scan, make sure to add these QIDs to the profile:

QID 45141 - Installed packages on Unix and Linux Operating Systems

QID 90235 - Installed Applications Enumerated From Windows Installer

Go to KnowledgeBase > Predictions to see the number of hosts predicted to be at risk for each vulnerability listed. For example, if 25% appears in the Impacted Hosts column, then 25% of the hosts in your account are at risk.

I'm not seeing any predictions. How come?I'm not seeing any predictions. How come?

You must have scanned hosts at least once using authentication in order for us to make predictions. See the previous step.

Click View Report (in the Impacted Hosts column) to run the Threat Analysis Report for any vulnerability. This report includes specific details for each impacted host with a risk confidence level: Confirmed, Likely, Potential. Learn more

Don't see the Predictions tab?

That means this feature is not enabled for your subscription. Please contact your Technical Account Manager if you're interested in this feature.